WCry Ransomware Attacks Hits Global Computer Networks

There is a huge ransomware attacking organizations in multiple countries as we wrote this blog. The number of victims keeps growing – and by this latest string of ransomware attacks have grown tremendously over the last few hours. According to NPR, there are reports of Spain’s largest telecom being hit. At least 16 hospitals in England’s National Health Service are impacted. There are also unconfirmed reports that Frankfurt International Airport is also victim.

Ransomware was estimated to be a billion dollar business in 2016 and it will keep growing.

All of the attacks are being blamed on the same malware, called WCry, WannaCry, or Wana Decryptor. Wana Decryptor exploits a Windows flaw that was patched in Microsoft’s Security Bulletin MS17-010, which was disclosed back in March 2017.

Containment and Response:

Immediate disconnect as many computers, servers, backups, USB thumbdrives, external hard drives, laptops, WiFi and any other means of data communications as quickly as possible.

If it isn’t possible, implement firewall rules that blocks all inbound and outbound TCP and UDP traffic on Port 137, 138, 139, 445 and 3389 at all levels.

Begin patching systems as soon as humanly possible. The patches are as followed: